Why Jira makes requests to addons with JWT in the query string?

Hervé Mutombo February 22, 2024

We know that there has been an enforcement of the deprecation of the use of JWT in query strings recently. This means that products like Jira won't read any ?jwt=xxx addons will be sent to its servers. This said we can see that Jira itself keeps sending JWT as part of the query string to addons. Considering that this is not a good practice, is there something that can be done in an app descriptor to avoid the use of JWTs? If not is the removal of it planned for somewhere soon?

0 answers

Suggest an answer

Log in or Sign up to answer
DEPLOYMENT TYPE
CLOUD
PRODUCT PLAN
PREMIUM
TAGS
AUG Leaders

Atlassian Community Events